"Public Key Infrastructure (PKI) refers to the framework and services that provide for the generation, production, distribution, control, and accounting of public key certificates, and provides that critically needed support to applications providing confidentiality and authentication of network transactions as well as data integrity and non-repudiation. The PKI encompasses Certificate Management and Registration functions."
DoD Public Key Infrastructure Roadmap
Full implementation of PKI has been mandated by DoD and DoN to be completed by October 2004.
PKI Provides for:
Authentication - Proof that the sender is whom they claim to be
Confidentiality - Assurance that the person receiving is the intended recipient
Authorization - Protection against unauthorized use
Data Integrity - Verification that no unauthorized modification of data has occurred
Non-Repudiation - Assurance for the legal community that the person sending cannot deny participation
PKI Digital Certificate Installation Instructions
Instructions for installing your PKI card reader digital certificates are available on the NPS Intranet. For further help with these instructions, please contact the TAC.
PKI implementation allows individual users to both digitally sign and/or encrypt e-mail messages for transit over the NIPRNET and SIPRNET using the personal COTS e-mail client. It also allows individual users to digitally sign and encrypt e-mail and securely transit over the Internet. Now, more than ever, there is a need for DoD users to have a means for indicating whether e-mail messages are altered during transit. Also of immediate concern is ensuring that hackers are not able to view the contents of Sensitive But Unclassified (SBU) data during transit. SBU information includes, but is not limited to, contracting documents and unclassified official orders.
PKI fills an immediate need to provide a secure means of transport to BSU and routine e-mail messaging between individuals.
For more information about PKI and the future of PKI, consult the information provided by INFOSEC.